pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2015Q2] pkgsrc/net/bind99

Module Name:    pkgsrc
Committed By:   tron
Date:           Thu Sep  3 20:03:06 UTC 2015

Modified Files:
        pkgsrc/net/bind99 [pkgsrc-2015Q2]: Makefile distinfo

Log Message:
Pullup ticket #4810 - requested by sevan & taca
net/bind99: security update

Revisions pulled up:
- net/bind99/Makefile                                           1.47-1.48
- net/bind99/distinfo                                           1.31-1.32
- net/bind99/patches/patch-lib_dns_hmac_link.c                  deleted
- net/bind99/patches/patch-lib_dns_include_dst_dst.h            deleted
- net/bind99/patches/patch-lib_dns_ncache.c                     deleted
- net/bind99/patches/patch-lib_dns_openssldh_link.c             deleted
- net/bind99/patches/patch-lib_dns_openssldsa_link.c            deleted
- net/bind99/patches/patch-lib_dns_opensslecdsa_link.c          deleted
- net/bind99/patches/patch-lib_dns_opensslsslrsa_link.c         deleted
- net/bind99/patches/patch-lib_dns_rdata_generic_openpgpkey_61.c deleted
- net/bind99/patches/patch-lib_dns_resolver.c                   deleted

---
   Module Name: pkgsrc
   Committed By:        sevan
   Date:                Wed Sep  2 19:44:28 UTC 2015

   Modified Files:
        pkgsrc/net/bind99: Makefile distinfo
   Added Files:
        pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
            patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
            patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
            patch-lib_dns_opensslecdsa_link.c
            patch-lib_dns_opensslsslrsa_link.c
            patch-lib_dns_rdata_generic_openpgpkey_61.c
            patch-lib_dns_resolver.c

   Log Message:
   Patch CVE-2015-5722 & CVE-2015-5986
   Bump rev

   CVE-2015-5722 - Parsing malformed keys may cause BIND to exit due to a failed
   assertion in buffer.c
   https://kb.isc.org/article/AA-01287/0

   CVE-2015-5986 - An incorrect boundary check can trigger a REQUIRE assertion
   failure in openpgpkey_61.c
   https://kb.isc.org/article/AA-01291/0

   Reviewed by wiz@

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Sep  3 00:35:03 UTC 2015

   Modified Files:
        pkgsrc/net/bind99: Makefile distinfo
   Removed Files:
        pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
            patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
            patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
            patch-lib_dns_opensslecdsa_link.c
            patch-lib_dns_opensslsslrsa_link.c
            patch-lib_dns_rdata_generic_openpgpkey_61.c
            patch-lib_dns_resolver.c

   Log Message:
   Update bind99 to 9.9.7pl3 (BIND 9.9.7-P3).
   (These security fixes are already done by bind-9.9.7pl2nb1.)

        --- 9.9.7-P3 released ---

   4170.        [security]      An incorrect boundary check in the OPENPGPKEY
                        rdatatype could trigger an assertion failure.
                        (CVE-2015-5986) [RT #40286]

   4168.        [security]      A buffer accounting error could trigger an
                        assertion failure when parsing certain malformed
                        DNSSEC keys. (CVE-2015-5722) [RT #40212]


To generate a diff of this commit:
cvs rdiff -u -r1.44.2.2 -r1.44.2.3 pkgsrc/net/bind99/Makefile
cvs rdiff -u -r1.28.4.2 -r1.28.4.3 pkgsrc/net/bind99/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home | Main Index | Thread Index | Old Index